I. Introduction
We, NTT DATA Business Solutions AG, as the operator of the website, are the entity responsible for processing the personal data of users of the website. You will find our contact information on the company information page of the website; the persons to contact with questions regarding the processing of personal data are named in this privacy policy.
We take the protection of your privacy and your private data very seriously. We collect, store and use your personal data solely in accordance with the content of this privacy policy and the applicable data protection regulations, especially the European General Data Protection Regulation (GDPR) and national data protection provisions.
With this privacy policy we inform you of the scope in which and the purposes for which personal data are processed in connection with use of the website.
1. Personal data
Personal data is information about an identified or identifiable natural person. This includes all information about your identity, such as your name, email address or mailing address. Information that cannot be associated with your identity (e.g., statistical information such as the number of users of the website) is not considered personal data.
You may use our website without disclosing your identity and without providing personal data. We will then only collect general information about the visit to our website. For some of the services offered, however, personal data is collected from you. As a rule, we then process that data only for purposes of use of the website, in particular for providing the desired information. During collection of personal data, only data that is absolutely required must be provided. There may also be an option to provide additional information; provision of such information will then be voluntary. We note in each case whether an information field is required or optional. We then provide information about specific details in the relevant section of this privacy policy.
No automated decisions are made based on your personal data in connection with the use of our website.
2. Processing of personal information
We store your data on specially protected servers within the European Union as well as on servers of service providers we use, including in the United States. These are protected by technical and organizational measures to prevent the loss, destruction, accessing, modification or distribution of your data by unauthorized persons. Only a few authorized persons are able to access your data. These persons are responsible for technical, commercial or editorial oversight of the servers. Despite regular monitoring, however, complete protection against all risks is not possible.
Your personal data is transmitted in encrypted form via the Internet. We use TLS/SSL (Transport Layer Security/Secure Socket Layer) encryption for data transmission.
3. Disclosure of personal data to third parties
We use your personal information solely to provide the services you request. When we use external service providers, they too have access to the data only for the purpose of providing services. We take technical and organizational measures to ensure compliance with statutory data protection provisions and also obligate our external service providers to do the same.
Furthermore, we do not disclose the data to third parties without your express consent, especially not for advertising purposes. Your personal data will only be disclosed if you have personally consented to the disclosure yourself, or if we are entitled or obliged to disclose data on the basis of legal provisions and/or official or court orders. This may in particular involve providing information for law enforcement or security purposes or for the enforcement of intellectual property rights.
When we transmit your personal data ourselves or through service providers in states outside of the European Union, we adhere to the special provisions of Art. 44 et seq. GDPR and also obligate our service providers to adhere to these regulations. Therefore, we will only transmit your data in states outside of the European Union if the level of protection ensured by the GDPR is observed. This level of protection is ensured in particular through an adequacy decision by the EU Commission or through suitable guarantees pursuant to Art. 46 GDPR.
4. Legal basis for data processing
If we obtain consent for the processing of your personal data, Art. 6 (1) (a) GDPR is the legal basis for the data processing.
If we process your personal data because this is necessary to fulfill a contract or within the framework of a contract-like relationship with you, Art. 6 (1) (b) GDPR is the legal basis for the data processing.
If we process your personal data to fulfill a legal obligation, Art. 6 (1) (c) GDPR is the legal basis for the data processing.
Art. 6 (1) (f) GDPR may also be used as a legal basis for the data processing if the processing of your personal data is necessary to safeguard a legitimate interest of our company or a third party and if your interests, fundamental rights and freedoms do not require protection of the personal data.
Within the framework of this privacy policy, we always indicate the legal basis being used to justify the processing of your personal data.
5. Data deletion and storage period
We always delete or block your personal data if the purpose for storing it ceases to apply. However, data may be stored longer if this is provided for by legal requirements to which we are subject, for example with regard to statutory retention and documentation requirements. In such a case, we will delete or block your personal data after the end of the relevant requirements.
II. Use of our website
1. Information about your computer
Each time you access our website, we collect the following information about your computer, independently of your registration: the IP address of your computer, the query from your browser and the time of this query. In addition, we record the status and the amount of data transferred as part of this query. We also collect product and version information about the browser and operating system of the computer used. Furthermore, we record the referring website from which our own site was accessed. The IP address of your computer is only stored for the time of use of the website and is subsequently deleted or made anonymous by shortening it. The remaining data is stored for a period of one year.
We use this data to operate the website, in particular to detect and correct errors, to determine the degree of utilization of the website and to make adjustments or improvements. These purposes also form the basis of our legitimate interest in data processing pursuant to Art. 6 (1) (f) GDPR.
2. Use of cookies
Like many other websites, our website uses cookies. Cookies are small text files that are stored on your computer and that store certain settings and data for interacting with our website via your browser. A cookie usually contains the name of the domain from which the cookie file was sent, information about the age of the cookie and an alphanumeric identifier.
Cookies enable us to recognize your computer and to immediately make certain settings or preferences available. Whenever possible, the cookies we use are “session” cookies, which are automatically deleted again after the end of the browser session. In individual cases, cookies with a longer storage period may also be used so that your settings and preferences can also be taken into account during the next visit to our website.
Most browsers are set to automatically accept cookies, but you may deactivate the storage of cookies or set your browser so that it informs you as soon as cookies are sent. It is also possible to manually delete cookies that have already been stored via the browser’s settings. Please note that your use of our website may be restricted or entirely blocked in some cases if you refuse the storage of cookies or delete necessary cookies.
In the event that cookies are not required for our website, we ask that you consent to the use of cookies the first time you access the site. With regard to non-obligatory third-party cookies, you will find a more detailed description below of the services we utilize from these third-party providers. The legal basis for the associated data processing including any further transmission of data is in each case your consent pursuant to Art. 6 (1) (a) GDPR. Consent that you have granted may be freely revoked at any time with effect for the future, in particular through changing the selected settings.
The legal basis for using required cookies is our legitimate interest in the proper presentation of our website pursuant to Art. 6 (1) (f) GDPR as well as – in the event that contracts are concluded or fulfilled via our website – contractual fulfillment pursuant to Art. 6 (1) (b) GDPR.
Cookie Consent
Please click the link below to see full details and review your choice regarding cookies on this site.
Your choice regarding cookies on this site
3. Registration
You can register for the use of our website. For this, you must share data requested in the context of registration, such as name, address and email address. We also collect the date and time of registration and the IP address. This benefits you because you do not have to re-enter this information with each instance of use or order.
Legal basis for processing the data for registration is, in the event of consent, Art. 6 (1) (a) GDPR. If you register for fulfillment or initiation of a contract with us, the legal basis for processing the data is, additionally, Art. 6 (1) (b) GDPR.
With registration, a customer account will be set up for you. We will store the data in the customer account for as long as an active customer relationship exists. If no further activity can be ascertained over a period of three years, the status of the customer relationship will be set to inactive. You can request deletion of your customer account at any time.
III. Incorporation of services from third-party providers
For some functions on our website, we utilize services from third-party providers. The relevant services are primarily optional functions that you would have to explicitly select or use. We have concluded contractual agreements with the respective providers to provide or incorporate their services, and do our utmost to ensure that the third-party providers also provide transparent information about the scope of personal data processing and comply with statutory data protection provisions.
1. Google Tag Manager
For our website, we use Google Tag Manager from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: “Google”). Google Tag Manager is a tag management system (TMS) with which tags – i.e. tracking codes – and associated code fragments can be managed on our website. Google services can be integrated into a website via Google Tag Manager.
When using Google Tag Manager, a connection established with Google’s servers. Google thereby saves the IP address of the browser from the device being used by the person visiting these web pages. The possibility of data being transmitted to Google in the United States in this context and of U.S. security authorities potentially gaining access to the data cannot be ruled out. However, no cookies are placed in connection with the use of Google Tag Manager.
You can find more detailed information about Google Tag Manager and Google’s data processing here:
https://support.google.com/tagmanager/answer/6102821?hl=en
https://www.google.com/policies/privacy/
Our legitimate interest pursuant to Art. 6 (1) (f) GDPR is our legal basis for the use of Google Tag Manager. Our legitimate interest is the management of the tracking codes on our website that make it possible for us to analyze the use of our website and improve and personalize our services.
2. Google Analytics
We use Google Analytics for statistical analyses. Google Analytics is a web analysis service of Google.
Among other things, Google uses cookies for analyses in the context of Google Analytics. Google stipulates the type and scope of the use and analysis of cookies. The information generated by the cookies about your use of the website is usually transferred to a Google server and stored there. The possibility of data being transmitted to the United States and of U.S. government entities thereby potentially accessing that data cannot be ruled out. However, if IP anonymization is activated on this website, Google will shorten your IP address beforehand. The full IP address will be transmitted to a Google server and shortened there only in exceptional cases.
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide additional services relating to website use and Internet use to us as the website operator. Google may further use the data for its own purposes. For such purposes, for example, Google creates a profile on user behavior, or links data with other data, for example with an existing Google account. We have no influence on these data processing activities. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. For more detailed information, please see Google’s privacy policy information by following the link provided for you below.
We also use the Google Analytics “demographic characteristics” function. This allows for the creation of reports that contain statements about the age, sex and interests of visitors to the site. This data comes from interest-based Google advertising as well as visitor data from third-party providers. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit collection of your data via Google Analytics as described in the paragraph below. You can find more information about the “demographic characteristics” function at Google at https://support.google.com/analytics/answer/2799357?hl=de.
You can prevent Google from collecting and processing the data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en. Further information can be found at http://tools.google.com/dlpage/gaoptout?hl=en or http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection). Please note that the code “anonymizeIp();” has been added to Google Analytics on our web pages in order to anonymize the IP addresses; this involves deletion of the last octet.
3. Dealfront
We use the Dealfront service from Dealfront Finland Oy, Keskuskatu 6 E, 00100, Helsinki, Finland (“Dealfront”) on our website. Dealfront helps make it possible to identify the companies that visit our website in order to address them in a targeted way. First, Dealfront records the IP addresses of users of our website. The service then links the list of IP addresses with information about the companies found at those IP addresses. Because website visitors’ IP addresses are shortened, no direct personal association is made. A personal association may result from viewing the linked company information. Cookies are also used in connection with the use of Dealfront. The possibility of data being transmitted to the United States and of U.S. security authorities potentially gaining access to the data cannot be ruled out.
You can find additional information about the data collected and about data protection at Dealfront at: https://www.dealfront.com/privacy-center/ and https://www.dealfront.com/gdpr/
The legal basis for using Dealfront is your consent pursuant to Art. 6 (1) (a) GDPR.
4. HubSpot
We use services from HubSpot Inc., Ground Floor, Two Dockland Central Guild Street, Dublin 1, Ireland (“HubSpot”) for website analysis. HubSpot is an integrated software solution with which we cover various aspects of online marketing. These include: Email marketing (newsletter as well as automated mailings, for example to provide downloads), reporting (e.g. traffic sources, access, etc.), contact management (e.g. user segmentation & CRM), landing pages and contact forms. In particular, HubSpot is used to optimize our marketing measures and our website, for example using statistical analyses and evaluations of documented user behavior. Cookies are also used in the context of various HubSpot functions.
The personal data processed during use of HubSpot as well as the website content are stored on HubSpot servers. It may be used for purposes including determining what website content is relevant to the user as well as analysis and evaluation of user behavior. The possibility of data being transmitted to the United States in this context and of U.S. security authorities potentially gaining access to the data cannot be ruled out. All data processed in this context is used exclusively for optimization of our marketing measures. You can find additional information about data protection at HubSpot at: https://legal.hubspot.com/privacy-policy.
The legal basis for the use of HubSpot services is your consent pursuant to Art. 6 (1) (a) GDPR.
5. Retargeting and remarketing
Retargeting and remarketing refer to technologies in which users who have previously visited a particular web page are shown related advertising even after leaving that web page. For this, it is necessary to recognize Internet users beyond the company’s own web page, for which cookies of the relevant service providers are used; usage behavior to date is also taken into account. For example, if a user views certain products, those or similar products may be shown to him or her later as advertising on other web pages. This is personalized advertising that is adapted to the individual users’ needs. For this personalized advertising, no identification of the user beyond the recognition is required. We therefore do not merge the data used for the retargeting or remarketing with other data.
We use such technologies to display ads on the Internet. We use third-party providers to display the ads. Among other things, we use services from Google that permit products of interest to the Internet user to be shown automatically. This function is executed through cookies. The possibility of data being transmitted to Google in the United States in the course of this process and of U.S. security authorities potentially gaining access to the particular data cannot be ruled out.
You can find additional information on this technology in the Google data protection provisions at https://policies.google.com/privacy?hl=de. The cookies necessary for these technologies will be placed only after your prior active consent. Installation of cookies for Google Remarketing and Google AdWords Conversion Tracking can also be entirely prevented in advance via the particular browser software’s settings by accessing the website at http://www.google.com/policies/privacy/ads/ and changing the relevant setting.
6. AdRoll
We use Adroll Remarketing Tracking from NextRoll, Inc., Level 6, 1, Burlington Plaza, Burlington Road, Dublin 4, Ireland. When our website is used, anonymized data on the pages that are visited is stored in cookies. The service analyzes the user’s behavior using algorithms in order to then be able to display targeted product recommendations as personalized advertising banners on other websites. The cookie placed for this purpose contains a random identifier. When the cookie is deleted, this identifier disappears. The relevant cookies are placed only with your consent. The legal basis for this is Art. 6 (a) GDPR. The possibility of data being transmitted to the United States in this context and of U.S. security authorities potentially gaining access to the data cannot be ruled out.
You can find more information about data processing by AdRoll at: https://www.nextroll.com/privacy.
7. Meta Pixel
In the context of advertising on Facebook and Instagram, we use the so-called “Meta pixel” if you have consented to this. This is an analytics service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter referred to as “Meta”). The “Meta pixel” is a JavaScript code and is integrated into the website to track the effectiveness of Meta adverts for statistical and market research purposes. This makes it possible to see when users have been redirected to our website after clicking on a Facebook or Instagram advert and whether they have carried out a specified action there (e.g. sending contact forms or page views). This also allows us to define and target users of our website as a target group for the presentation of adverts (e.g. address users via adverts after they have visited our website). Meta collects the following information, among other things, through the integration: IP address, browser information and history, browsing time, cookie information, website history, age, gender, browser language setting.
The processing of your data in this context is only permitted with your consent. The legal basis for the processing of your data is Art. 6 (1) (a) GDPR. Meta states that it only stores the collected data for as long as is necessary for the respective purposes. For example, the “_fbp” cookie identifies browsers in order to provide analysis services for advertising and websites. It has a storage period of 90 days. Meta is certified under the EU-U.S. Data Privacy Framework (DPF). Further information on this can be found at https://www.dataprivacyframework.gov/list.
8. Google Maps
We use the Google Maps map service for our website. Google Maps is a Google service. Only technically necessary cookies are placed for the maps that are incorporated into our website.
In order to comply with statutory data protection provisions, the conditions of use for the map service contain statutory data protection provisions that serve to protect you. Google’s conditions of use for the map service can be found at https://www.google.com/intl/en_US/help/terms_maps/; Google’s general explanations concerning data protection can be accessed at https://policies.google.com/privacy?hl=en&gl=en.
Art. 6 (1) (f) GDPR is the legal basis for incorporation of the map service; our legitimate interest lies in providing map material for your orientation. Our legal basis for placing cookies in connection with the use of Google Maps is your consent pursuant to Art. 6 (1) (a) GDPR.
9. Use of Google reCAPTCHA
For the purpose of protecting against misuse of our online forms and against spam, we use the Google reCAPTCHA service with some forms on this website. By checking manual entries, this service prevents automated software (bots) from carrying out improper activities on the website. The service includes sending the IP address and potentially other data needed by Google for the reCAPTCHA service to Google. This serves, pursuant to Art. 6 (1) Clause 1 (f) GDPR, to safeguard our legitimate interests in protecting our website against misuse and in the uninterrupted presentation of our website. The possibility of data being transmitted to the United States in this context and of U.S. security authorities potentially gaining access to the data cannot be ruled out.
You can view additional information on Google reCAPTCHA as well as Google’s privacy policy at: https://policies.google.com/privacy?hl=en.
10. Matomo
This website uses the open-source web analytics service Matomo.
With the help of Matomo, we are able to collect and analyze data about the usage of our website by website visitors. This allows us to determine, among other things, when which page views were made and from which region they came. We also collect various log files (e.g., IP address, referrer, browsers, and operating systems used) and can measure whether our website visitors perform certain actions (e.g., clicks, purchases, etc.).
All log files are processed anonymously so that they are no longer attributable to website visitors.
We have configured Matomo in such a way that it does not store any cookies in your browser and the analysis is therefore cookieless.
11. GeoIP Location Service
In order to provide you with a localized experience on our website, we use the IP2Location service to determine your country of origin based on your IP address. We collect and use your IP address for this purpose only. If you have a specific country set in your forceCountry cookie, we will use that country instead and not perform an IP-based location query.
IV. Order processing
We use your personal data for orders only within our enterprise and associated companies as well as with the enterprises contracted to process orders.
1. Storage and disclosure of data in the context of orders
If you wish to use an order form on our website, we will collect the personal data that you provide on the order form, in particular name and email address, for this purpose. In addition, financial information such as your bank account or credit card number may also be collected. We also store the IP address and the date and time of the query. We process the data transmitted via the order form exclusively to enable us to process your particular order.
The legal basis for processing the data that is necessary for an order is contractual fulfillment pursuant to Art. 6 (1) (b) GDPR. If you provide additional data that is not required for the order, then the legal basis is your consent pursuant to Art. 6 (1) (a) GDPR.
For order processing, we work with different companies that are responsible for payment processing and logistics. In doing so, we ensure that our partners also comply with the statutory data protection provisions. The legal basis for this is Art. 6 (1) (b) GDPR. Processing of your personal data is necessary to fulfill the contract with you.
We will store the data for as long as it is necessary to fulfil the contract. In addition, we store this data for the legally prescribed period to fulfil post-contractual obligations and due to commercial and tax retention periods. This retention period is generally 10 years from the end of the respective calendar year.
V. Applicant portal
You can use the applicant portal to apply for a job with us and to submit all necessary information and documents. Use of the applicant portal is voluntary. You can also send your application to us in a different way, such as via email or in the mail. All personal data from your application and all attachments you provide in your application will only be collected, processed and used by us and our subsidiaries for the purpose of the applicant selection procedure and for internal statistics.
When an application is received via the applicant portal, your documents are electronically forwarded to the people who make the specific hiring decision or are significantly involved in that decision. These people regularly include personnel department employees (recruiters) as well as the supervisor and, in certain cases, those responsible for the particular area. Furthermore, because of compliance with legal obligations arising from labor law and social security or social protection law, it may be necessary in a specific application process for employee representatives (works council and representatives for disabled employees) to obtain access to your applicant profile. Data is only further disclosed within our group of affiliated companies with your express consent.
If you have applied for an advertised position, the documents will automatically be deleted six months after the recruitment process is concluded, provided there are no other legitimate interests that conflict with deleting them. Such legitimate interests in this sense include, for example, obligations to present proof in proceedings according to the General Equal Treatment Act (AGG).
In the case of an application without reference to an advertised position (unsolicited application), the application is kept for as long as there is a possibility that the application may be of interest. You have the option to request deletion of your application at any time, even before the intended retention periods have expired. In the event of a successful application, the transmitted data will be stored in compliance with legal requirements for the purpose of processing the employment relationship. In all other cases, the legal basis for storing your applicant data is your consent pursuant to Art. 6 (1) (a) GDPR.
Additional information on the processing of your personal data during the application process can be found in the privacy policy on our applicant portal.
VI. AddStore
In our AddStore, you have the option of getting a comprehensive overview of our adaptable AddOn solutions, workshops and service packages. The AddStore is intended to simplify the search for the right solution for your company and to offer you a way to find adaptable and applicable solutions. For this purpose we can, with the appropriate cookie settings, use personal data like IP address, search function or accessing of particular sub-pages on the NTT DATA Business Solutions website in order to facilitate the search for you or show products that may interest you. The legal basis for this is your consent pursuant to Art. 6 (1) (a) GDPR.
In addition, we further process your data for the purpose of making contact and processing your query. The legal basis is likewise your consent pursuant to Art. 6 (1) (a) GDPR.
Additional information on the processing of your personal data during use of the AddStore can be found in the privacy policy.
VII. Facebook fan page and Instagram account
In addition to our own website, we also operate a fan page on the Facebook social network and an account on the Instagram social network. We use the fan page and the Instagram account to provide information about our activities and offer a communication channel. The Facebook social network is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: “Facebook”).
1. Delineation of responsibility
To the extent possible at Facebook, we seek to ensure protection of your privacy and your private data. To the extent that we process your personal data in conjunction with visiting the fan page or the Instagram account, the explanations in this privacy policy apply without restriction. Because of the integration of the fan page and the account into Facebook’s offerings, it is important to note that Facebook processes personal data at the same time. We have no influence on data processing by Facebook; in particular, Facebook does not work for us as a contracted processer under our responsibility. For data processing by Facebook, at least according to Facebook’s claims, the Facebook guidelines that can be found at https://www.facebook.com/policy.php apply.
In terms of privacy law, it can be assumed that we share responsibility with Facebook for operation of the fan page and analysis of user data when visiting the fan page. The same applies for operation of the account at Instagram and the associated analytic possibilities. In accordance with the statutory data protection provisions, we have made an agreement in our internal relationship with Facebook to delineate responsibility.
2. Page Insights
Facebook offers the operators of fan pages as well as Instagram accounts the option of obtaining an overview of use of the fan page or of the Instagram account and its users via the Page Insights functions. Page Insights primarily makes it possible to obtain and analyze statistical data. We use the data from Page Insights to design the fan page and the Instagram account as attractively and efficiently as possible. Facebook provides us with data that Facebook itself has generated for this purpose. Facebook makes further information on the functioning of and responsibility for the Page Insights function available at https://www.facebook.com/legal/terms/page_controller_addendum.
3. Facebook Business Manager
We use Facebook Business Manager to manage our social media pages. This management platform is made available by Facebook. This tool serves to establish an authorizations plan for management of a fan page. The tool can also be used to view the success of any advertising campaigns or the like in the context of an analysis. In the course of this technical process, data may be transmitted to Facebook onto servers in the United States. The possibility of U.S. security authorities accessing that data cannot be excluded.
You can find additional information about data protection at Facebook at: https://www.facebook.com/about/privacy.
4. Facebook Messenger and Instagram Direct Messaging
Facebook offers users that are registered with Facebook the option of communicating directly via Facebook Messenger. In the case of Instagram, you likewise have the option of communicating with us directly via the “Instagram Direct Messaging” function. If you contact us via Messenger or via the Instagram Direct Messaging function, we store and use the transmitted data exclusively to respond to your query. The legal basis for the processing of your data is your consent pursuant to Art. 6 (1) (a) GDPR as well as our legitimate interest pursuant to Art. 6 (1) (f) GDPR. Our legitimate interest lies in collecting and processing customer queries, analyzing customer queries and monitoring for misuse.
The data is deleted as soon as it is no longer needed to achieve the purpose of its collection. For your personal data, this is the case when the particular conversation is over. The conversation is over for us when it is evident from the circumstances that the matter has been conclusively cleared up. You have the option at any time of revoking your consent to the processing of the personal data; in this case, we will delete the data if there is no basis for further storage.
5. Further information on Facebook
For questions on our use of personal data in connection with the use of the Facebook fan page, you may contact us and our data protection officer at any time. The contact data and the communication channels are described in our privacy policy. If you have questions about data protection at Facebook, we ask that you contact Facebook directly. General information on the secure use of social networks is also made available by the German Federal Office for Information Security (BSI) on its website at https://www.bsi-fuer-buerger.de/BSIFB/DE/DigitaleGesellschaft/SozialeNetze/sozialeNetze_node.html.
VIII. Communication with us
You can contact us in various ways, including through the contact form on our website. You are also welcome to receive regular issues of our newsletter by email.
1. Contact form and registration form
If you wish to use the contact form or the registration form on our website, we will collect the personal data that you provide on the relevant form, especially name and email address, for this purpose. We also store the IP address and the date and time of the query. We process the data transmitted through the contact form or registration form exclusively to enable us to respond to your query or concern and to process the registration.
You may decide for yourself what information you want to transmit to us via the contact form and the registration form. The legal basis for the processing of your data is your consent pursuant to Art. 6 (1) (a) GDPR.
After we have dealt with the matter, the data will initially be stored in case there are further inquiries. Deletion of the data may be requested at any time; otherwise, we delete data after complete resolution of the matter. Statutory retention requirements continue to apply in any event.
2. Newsletter
When registering for our newsletter, your email address will be used for our own advertising purposes until you unsubscribe. You will regularly receive information by email about current topics as well as emails for special occasions, such as special promotions. The emails may be personalized and individualized based on our information about you.
For subscribing to our newsletter, if you have not given us your written consent, we will use the double opt-in procedure — that is, we will not send you a newsletter by email until you have first expressly confirmed to us that we should activate sending of the newsletter. We will then send you a notification email and ask you to confirm that you would like to receive our newsletter by clicking on a link contained in this email.
If you have expressly registered for the newsletter, the legal basis for the processing of your data is your consent pursuant to Art. 6 (1) (a) GDPR. Within the framework of the statutory requirements, it is also possible for you to receive our newsletter without express consent because you have ordered goods or services from us, or if we have received your email address in this connection and you have not objected to receiving information by email. In this case, our legitimate interest in transmitting direct mail for advertising pursuant to Art. 6 (1) (f) GDPR is to be regarded as the legal basis.
If you no longer wish to receive any newsletters from us, you may revoke the consent you granted at any time with effect for the future or may decline to continue receiving the newsletter without incurring any costs other than the costs of conveying that information according to the standard rates. Simply use the unsubscribe link included in each newsletter or send a message to us or to our data protection officer.
3. HubSpot
We use HubSpot to send our newsletter. The email addresses of our newsletter recipients as well as the other data processed when sending the newsletter are stored on HubSpot servers in the United States. HubSpot also offers various analysis options on the extent to which the newsletters that are sent are opened and used, e.g. the number of users to whom an email was sent, how many users actually opened or rejected the email, whether the user interacted with, for example, links contained in the email and whether users unsubscribed from the list after receiving an email. The possibility of data being transmitted to the United States in this context and of U.S. security authorities potentially gaining access to the data cannot be ruled out. You can find additional information about data protection at HubSpot at: https://legal.hubspot.com/privacy-policy.
HubSpot uses the information that is provided and collected to send and analyze the newsletter on our behalf. We have concluded a “data processing agreement” with HubSpot. This is a contract in which HubSpot undertakes to protect our users’ data, to process it on behalf in accordance with HubSpot’s data protection provisions and, in particular, not to disclose it to third parties.
The legal basis for the collaboration with HubSpot is your express consent pursuant to Art. 6 (1) (a) GDPR.
4. Embedded weblinks
The emails we send contain links that lead, after relaying via our servers, to a relevant area of the Internet. The relaying system allows us to change the target URL of these links and determine the effectiveness of marketing measures. Using these links, we can determine whether you clicked on a link in the email. Information about this interaction can be associated with your personal identity. The legal basis is your consent pursuant to Art. 6 (1) (a) GDPR.
5. Online surveys
We also conduct surveys on our website. If you take part in such a survey, the data that is transmitted will be stored and used only for carrying out the particular survey. Above and beyond that, the data is only used for further sending of information if you have explicitly consented for us to do so in the context of the survey. You yourself can decide what information you provide to us in the context of the online surveys. The legal basis is your consent pursuant to Art. 6 (1) (a) GDPR.
The data is deleted as soon as it is no longer needed to achieve the purpose. For your personal data, this is the case when the particular survey has been completed.
6. Social Media
On our website, you will find links to the Facebook and Instagram social networks, the Xing and LinkedIn career networks, the YouTube video platform and the Twitter news posting service. The links can be recognized by the logo of the respective provider. You also have the option of sharing individual content with third parties via the respective links.
In addition, we use plug-ins on our website that are provided by the Facebook, Twitter, Xing (DE, CH) and LinkedIn social networks. In order to protect your data, however, these plug-ins are not integrated directly into our website but are instead embedded into the site via a link. This solution ensures that visiting one of our websites that contains such a plug-in does not automatically lead to a connection to the servers of the provider of the particular social network.
Clicking on the links or the plug-in will open the corresponding social media pages; this privacy policy does not apply for those sites. Please see the privacy policies of the individual providers for details of the provisions that apply there; you will find these at:
Facebook: http://www.facebook.com/policy.php
Instagram: https://help.instagram.com/519522125107875
Xing: https://www.xing.com/privacy
LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=en_EN
https://policies.google.com/privacy?hl=en&gl=en
Twitter: https://twitter.com/privacy?lang=en
No personal information is transmitted to the respective providers before the corresponding links are accessed. Your accessing of the linked page is in addition the basis for data processing by the respective providers.
7. Use of YouTube
YouTube videos are incorporated into our website; we use a plug-in from the Google-operated service YouTube (hereinafter: “YouTube”) to play them. Google is the operator of the service.
We use the YouTube service in expanded privacy mode in order to protect your privacy as well as possible. If you access a page of our website that includes a YouTube video, Google initially receives only the information necessary to display the video, and no cookies are placed for usage analysis. Google receives further information only if you play the video that is displayed; in this case, Google can also place cookies to analyze your user behavior. When you play the video, for example, information is shared with Google’s YouTube servers about which page of our website you are playing the video from.
If you are logged in to your Google account, you allow Google or YouTube to match your browsing behavior directly to your personal Google profile. We therefore recommend only playing YouTube videos that are displayed if you consent to associated data processing by Google. You can prevent matching of the data to your Google profile by logging out of your YouTube account. You can find further information about how user data is handled in Google’s privacy policy at https://policies.google.com/privacy?hl=en&gl=en, which also applies for YouTube.
We use YouTube so that we can show you videos and thereby inform you better about us and our services. The legal basis for incorporating the videos is our legitimate interest pursuant to Art. 6 (1) (f) GDPR; playing of the videos and the associated further data processing, however, occur only on the basis of your consent pursuant to Art. 6 (1) (a) GDPR.
8. Use of Vimeo
Videos from the Vimeo video platform are incorporated into our website. Vimeo LLC, 555 West 18th Street, New York 10011, USA (hereinafter: “Vimeo”) is the operator of this service.
If you access a page of our website on which a video is displayed via Vimeo, a connection is made to Vimeo’s servers. Vimeo can place cookies to analyze your user behavior. For example, information is shared with the server about which pages of our website you have visited.
If you are logged in to your Vimeo account, you allow the provider to match your browsing behavior directly to your personal profile. You can prevent this by logging out of your account. You can find further information about how user data is handled in Vimeo’s privacy policy at https://vimeo.com/privacy.
We use Vimeo so that we can show you videos and inform you about us and our services. The legal basis for incorporating the videos is our legitimate interest pursuant to Art. 6 (1) (f) GDPR; playing of the videos and the associated further data processing, however, occurs only on the basis of your consent pursuant to Art. 6 (1) (a) GDPR.
IX. Your rights and how to contact us
We place great value on explaining the processing of your personal data as transparently as possible and also on informing you about the rights you have. If you wish to have more detailed information or to exercise your rights, you may contact us at any time so we can address your concerns.
1. Rights of affected parties
You have extensive rights with respect to the processing of your personal data. First, you have an extensive right to information and may, where applicable, request correction and/or deletion or blocking of your personal data. You may also demand restrictions on the processing of your data, and you have a right to object to such processing. You also have a right to data portability governing the personal data you have provided to us.
If you wish to assert one of your rights and/or to receive further information about your rights, please contact our customer service department. Alternatively, you can also contact our data protection officer.
2. Revocation of consent and objections
Consent that you have granted may be freely revoked at any time with effect for the future. Revocation of consent shall not affect the legality of processing carried out on the basis of your consent prior to revocation. Our customer service department and our data protection officer are also the contacts for this purpose.
If the processing of your personal data is not based on consent but rather on another legal basis, you may object to this data processing. Your objection will lead to a review and, if necessary, to termination of the data processing. You will be informed of the results of the review and will — if data processing is nevertheless to be continued — receive further details from us as to why data processing is permissible.
3. Data protection officer and contact
We have designated a data protection officer who supports us in privacy-related legal matters and whom you can also contact directly. For questions related to our handling of personal data or additional information on privacy-related legal matters, our data protection officer is available to you at data-privacy-solutions-GLOBAL@nttdata.com.
4. Complaints
If you believe our processing of your personal data is not in accordance with this privacy policy or the applicable data protection regulations, you have the right to lodge a complaint with the regulatory authorities. You may also lodge a complaint with our data protection officer. The data protection officer will then investigate the matter and inform you of the results of the investigation.
X. Further information and changes
1. Links to other websites
Our website may contain links to other websites. These links are generally marked as such. We have no influence on the extent to which applicable data protection regulations are observed on the linked websites. We therefore recommend that you also consult the respective privacy policies on the other websites.
2. Changes to this privacy policy
The status of this privacy policy is shown by the date indicated (below). We reserve the right to change this privacy policy at any time with effect for the future. Changes occur in particular when technical adjustments are made to the website or when the provisions of privacy law change. The respective current version of the privacy policy can always be accessed directly from the website. We recommend that you inform yourself regularly of changes to this privacy policy.
This privacy policy valid as of: March 2024